原文:
Android指纹识别
上一篇讲了通过FingerprintManager验证手机是否支持指纹识别,以及是否录入了指纹,这里进行指纹的验证.
//获取FingerprintManager实例
FingerprintManager mFingerprintManager =
(FingerprintManager) context.getSystemService(Context.FINGERPRINT_SERVICE);
//执行验证监听
mFingerprintManager
.authenticate(cryptoObject, mCancellationSignal, 0, this, null);
参数说明:
cryptoObject//FingerprintManager支持的加密对象的包装类。目前该框架支持Signature,Cipher和Mac对象。
mCancellationSignal//提供取消正在进行的操作的功能。
callback(参数中的this)//指纹识别的回调函数
cryptoObject初始化:
private KeyguardManager mKeyguardManager;
private FingerprintManager mFingerprintManager;
private static final String DIALOG_FRAGMENT_TAG = "myFragment";
private static final String SECRET_MESSAGE = "Very secret message";
public static boolean isAuthenticating = false;
public static final String PARAM_DISMISS_DIALOG = "param_dismiss_dialog";
/**
* Alias for our key in the Android Key Store
*/
private static final String KEY_NAME = "my_key";
private KeyStore mKeyStore;
private KeyGenerator mKeyGenerator;
private Cipher mCipher;
@TargetApi(Build.VERSION_CODES.M)
private boolean initCipher() {
try {
mCipher = Cipher.getInstance(KeyProperties.KEY_ALGORITHM_AES + "/"
+ KeyProperties.BLOCK_MODE_CBC + "/"
+ KeyProperties.ENCRYPTION_PADDING_PKCS7);
} catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
throw new RuntimeException("Failed to get an instance of Cipher", e);
}
try {
mKeyStore.load(null);
SecretKey key = (SecretKey) mKeyStore.getKey(KEY_NAME, null);
mCipher.init(Cipher.ENCRYPT_MODE, key);
return true;
} catch (KeyPermanentlyInvalidatedException e) {
return false;
} catch (KeyStoreException | CertificateException | UnrecoverableKeyException | IOException
| NoSuchAlgorithmException | InvalidKeyException e) {
throw new RuntimeException("Failed to init Cipher", e);
}
}
/**
* Creates a symmetric key in the Android Key Store which can only be used after the user has
* authenticated with fingerprint.
*/
@TargetApi(Build.VERSION_CODES.M)
public void createKey() {
// The enrolling flow for fingerprint. This is where you ask the user to set up fingerprint
// for your flow. Use of keys is necessary if you need to know if the set of
// enrolled fingerprints has changed.
mKeyStore = null;
mKeyGenerator = null;
try {
mKeyStore = KeyStore.getInstance("AndroidKeyStore");
} catch (KeyStoreException e) {
throw new RuntimeException("Failed to get an instance of KeyStore", e);
}
try {
mKeyGenerator = KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, "AndroidKeyStore");
} catch (NoSuchAlgorithmException | NoSuchProviderException e) {
throw new RuntimeException("Failed to get an instance of KeyGenerator", e);
}
try {
mKeyStore.load(null);
// Set the alias of the entry in Android KeyStore where the key will appear
// and the constrains (purposes) in the constructor of the Builder
mKeyGenerator.init(new KeyGenParameterSpec.Builder(KEY_NAME,
KeyProperties.PURPOSE_ENCRYPT |
KeyProperties.PURPOSE_DECRYPT)
.setBlockModes(KeyProperties.BLOCK_MODE_CBC)
// Require the user to authenticate with a fingerprint to authorize every use
// of the key
.setUserAuthenticationRequired(true)
.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7)
.build());
mKeyGenerator.generateKey();
} catch (NoSuchAlgorithmException | InvalidAlgorithmParameterException
| CertificateException | IOException e) {
throw new RuntimeException(e);
}
}
FingerprintManager.CryptoObject cryptoObject = new FingerprintManager.CryptoObject(mCipher);
回调函数:
@Override
public void onAuthenticationError(int errMsgId, CharSequence errString) {
//验证出现错误了
//errString为错误的信息
}
@Override
public void onAuthenticationHelp(int helpMsgId, CharSequence helpString) {
showError(helpString);
//验证出现一些问题的系统提示,比如:请按久一点等提示信息.
}
@Override
public void onAuthenticationFailed() {
showError("指纹验证失败");
//在验证失败和出现问题以后,系统会继续执行监听,使用者需要在这里修改相关提示信息
}
@Override
public void onAuthenticationSucceeded(FingerprintManager.AuthenticationResult result) {
//验证成功
}